Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The latter question is very important indeed. If you for instance render websites in your vm they, if i understand correctly, can potentially read secrets from other processes, like db credentials and other stuff...

If the only real solution is to turn off HT/SMT that, seen positively, should net us a lot faster VMs then...



>If the only real solution is to turn off HT/SMT that, seen positively, should net us a lot faster VMs then...

you also doubled the cost of each VM (in terms of cpu), but you didn't double the performance of each VM, so it's a net negative.


It might be Intel in the end having to pay that cost...


If you render websites that run code in your VM (e.g., you're running a traditional shared hosting infrastructure where mutually-untrusted users can upload PHP scripts, or you're doing something serverless / FaaS / Cloudflare Workers / etc. where mutually-untrusted users can upload functions), then yes. If you're rendering websites in the sense of hosting WordPress for lots of people but not permitting custom plugins, then no.


I thought more about Rendering and executing their js for screenshotting purposes for example.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: